Advising  users  on  computer  systems  technology 


This  NCSL  Bulletin  initiates  a 
new  publication  series  at  the 
National  Computer  Systems  Labo¬ 
ratory  (NCSL).  Each  bulletin  will 
present  an  in-depth  discussion  of 
a  single  topic  of  significant  inter¬ 
est  to  the  information  systems 
community.  Bulletins  will  be  is¬ 
sued  on  an  as-needed  basis  and 
are  available  from  NCSL  Publica¬ 
tions,  National  Institute  of  Stan¬ 
dards  and  Technology,  Room 
B151,  Technology  Building, 
Gaithersburg,  MD  20899,  tele¬ 
phone  (301)  975-2821  or 
FTS  879-2821. 
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Introduction 

The  National  Computer  Systems 
Laboratory  (NCSL)  of  the  Na¬ 
tional  Institute  of  Standards  and 
Technology  (NIST)  has  received 
many  inquiries  related  to  the 
Data  Encryption  Standard  (DES). 
This  NCSL  Bulletin  addresses 
those  frequently  asked  questions 
and  provides  sources  of  addi¬ 
tional  information.  This  docu¬ 
ment  does  not  issue  new  policy; 
rather,  it  summarizes  and  clarifies 
existing  policies. 

Background 

NIST  (formerly  the  National  Bu¬ 
reau  of  Standards)  issued  Federal 
Information  Processing  Standard 
(FIPS)  46  in  1977  to  provide  a  sys¬ 
tem  for  the  cryptographic  protec¬ 
tion  of  the  confidentiality  and 
integrity  of  federal  sensitive  un¬ 
classified  computer  information. 
DES  has  been  reviewed  and  reaf¬ 
firmed  twice,  most  recently  in 


1988.  The  current  standard, 
which  was  issued  as  FIPS  46-1, 
reaffirms  the  standard  until  1993- 
The  DES  algorithm  is  based  on 
work  of  the  International  Busi¬ 
ness  Machines  Corporation  and 
has  been  adopted  as  American 
National  Standard  X3.92- 
1981/R1987. 

Technical  Overview 

The  Data  Encryption  Standard 
specifies  a  cryptographic  algo¬ 
rithm  that  converts  plaintext  to 
ciphertext  using  a  56-bit  key. 

The  same  algorithm  is  used  with 
the  same  key  to  convert 
ciphertext  back  to  plaintext,  a 
process  called  decryption.  The 
DES  algorithm  consists  of  16 
"rounds"  of  operations  that  mix 
the  data  and  key  together  in  a 
prescribed  manner  using  the  fun¬ 
damental  operations  of  permuta¬ 
tion  and  substitution.  The  goal  is 
to  completely  scramble  the  data 
and  key  so  that  every  bit  of  the 
ciphertext  depends  on  every  bit 
of  the  data  plus  every  bit  of  the 
key  (a  56-bit  quantity  for  DES). 

Security  Provided  by  DES 

The  security  provided  by  a  cryp¬ 
tographic  system  depends  on  sev¬ 
eral  factors:  mathematical 
soundness  of  the  algorithm, 
length  of  the  keys,  key  manage¬ 
ment,  mode  of  operation,  and  im¬ 
plementation. 

DES  was  developed  to  protect  un¬ 
classified  computer  data  in  fed¬ 
eral  computer  systems  against  a 
number  of  passive  and  active  at¬ 
tacks  in  communications  and 
computer  systems.  It  was  as¬ 
sumed  that  a  knowledgeable  per¬ 
son  might  seek  to  compromise 
the  security  system  by  employing 


resources  commensurate  with  the 
value  of  the  protected  informa¬ 
tion.  Appropriate  applications  of 
DES  include  Electronic  Funds 
Transfer,  privacy  protection  of 
personal  information,  personal 
authentication,  password  protec¬ 
tion,  access  control,  etc. 

DES  has  been  evaluated  by  sev¬ 
eral  organizations  and  has  been 
determined  to  be  mathematically 
sound.  Some  individuals  have 
analyzed  the  DES  algorithm  and 
have  concluded  that  the  algo¬ 
rithm  would  not  be  secure  if  a 
particular  change  were  made 
(e.g.,  if  fewer  "rounds"  were 
used).  Modifications  of  this  sort 
are  not  in  accordance  with  the 
standard  and,  therefore,  may  pro¬ 
vide  significantly  less  security. 

NIST  believes  that  DES  provides 
more  than  adequate  security  for 
its  intended  unclassified  applica¬ 
tions  and  plans  to  continue  its 
support  of  the  standard.  It  is  cur¬ 
rently  the  only  cryptographic  stan¬ 
dard  approved  in  the  federal 
government  to  protect  unclassi¬ 
fied  computer  information  (ex¬ 
cept  for  a  special  category  of 
information  described  below). 

The  next  review  of  DES  is  sched¬ 
uled  for  1993-  NIST  plans  to  aug¬ 
ment  DES  with  other 
cryptographic  algorithms  to  form 
a  family  of  standards  that  will  pro¬ 
vide  new  types  of  protection  in 
special  applications. 

Applicability 

Subject  to  agency  waivers  as  dis¬ 
cussed  below,  use  of  DES  is 
mandatory  for  all  federal  agen¬ 
cies,  including  defense  agencies, 
for  the  protection  of  sensitive  un¬ 
classified  information  when  the 
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agency7  or  department  deter- 
mines  that  cryptographic  pro¬ 
tection  is  required. 

;VV  i  ^,’4 

The  National  Security  Agency 
(NSA)  of  the  tJ.S.  Department  of 
Defense  develops  and  promul¬ 
gates  requirements  for  telecom¬ 
munications  and  automated 
information  systems  operated  by 
the  U.S.  government,  its  contrac¬ 
tors,  or  agents,  that  contain  classi¬ 
fied  information  or,  as  delineated 
in  10  U.S.C.  Section  2315,  the 
function,  operation,  or  use  of 
which: 

— involves  intelligence  activities; 

— involves  cryptologic  activities 
— related  to  national  security; 

— involves  the  direct  command 
and  control  of  military  forces; 

— involves  equipment  which  isr 
an  integral  part  of  a  weapon  or 
weapon  systems;  or 

1  .i 

— is  critical  to  the  direct  fulfill¬ 
ment  of  a  military  o#  intel-  ■ 
ligence  mission, 


Who  we  are 

NCSL  is  one  of  five  major  science 
and  engineering  research  compo¬ 
nents  of  the  National  Institute  of  y 
Standards  and  Technology  (NIST) 
of  the  Department  of  Commerce. 
We  develop  standards  and  test 
methods,  conduct  research  on 
computer  and  related  telecommu¬ 
nications  systems,  and  provide 
technical  assistance  to  govern¬ 
ment  and  industry.  We  seek  to 
overcome  barriers  to  the  efficient 
use  of  computer  systems,  to  the 
cost-effective  exchange  of  infor¬ 
mation,  and  to  the  protection  of 
valuable  information  resources  in 
computer  systems  from  threats  of 
all  kinds. 

James  H.  Burrows, 
Director 


Note  that  the  term  unclassified  in¬ 
formation  as  used  in  this  docu¬ 
ment  excludes  information 
covered  by  10  U.S.C.  2315- 

DES  may  be  used  by  private-sec¬ 
tor  individuals  or  organizations  at 
their  discretion. 

Waivers  for  the 
Mandatory  Use  of  DES 

The  head  of  a  federal  department 
or  agency  may  waive  the  use  of 
DES  for  the  protection  of  unclassi¬ 
fied  information  in  accordance 
with  the  provisions  of  FIPS  46-1, 
section  17,  page  4,  as  discussed 
below: 

"A  waiver  is  necessary  if  crypto¬ 
graphic  devices  performing  an  al¬ 
gorithm  other  than  that  which  is 
specified  in  this  standard  are  to 
be  used  by  a  federal  agency  for 
data  subject  to  cryptographic  pro¬ 
tection  under  this  standard;  No  23- 
waiver  is  necessary  if  classified 
communications  security  equip¬ 
ment  is  to  be  used.  Software  im¬ 
plementations  of  this  algorithm 
for  operational  use  in  general  pur¬ 
pose  computer  systems  do  not 
comply  with  this  standard  and 
each  such  implementation  must 
also  receive  a  waiver.  Implemen¬ 
tation  of  the  algorithm  in  soft- 
ware  for  testing  or  evaluation 
does  not  require  waiver  ap¬ 
proval.  Implementation  of  other 
special  purpose  cryptographic  al¬ 
gorithms  in  software  for  limited 
use  within  a  computer  system 
(e.g.,  encrypting  password  files) 
or  implementation  of  crypto¬ 
graphic  algorithms  in  software 
which  were  being  utilized  in  com¬ 
puter  systems  before  the  effective 
date  of  this  standard  do  not  re¬ 
quire  a  waiver.  However,  these 
limited  uses  should  be  converted 
to  the  use  of  the  standard  when 
the  system  or  equipment  in¬ 
volved  is  upgraded  or  redesigned 
to  include  general  cryptographic 


protection  of  computer  data. 

Waivers  will  be  considered  for  de¬ 
vices  certified  by  the  National  Se¬ 
curity  Agency  as  complying  with 
the  Commercial  COMSEC  En-  . 
dorsement  Program  (CCEP)  when 
such  devices  offer  equivalent 
cost/performance  features  when 
compared  with  devicqs  conform¬ 
ing  to  this  standard." 

Waiver  Procedures 

As  mentioned  above,  the  heads 
of  federal  departments  or  agen¬ 
cies  may  waivie  the  mandatory 
use  of  DES.  This  authority  may 
be  redelegated  only  to  a  senior 
official  designated  pursuant  to  44 
U.S.C.  section  3506(b).  Waivers 
shall  be  granted  only  when: 

-compliance  with  the  standard 
would  adversely  affect  the  accom¬ 
plishment  of  the  mission  of  an 
operator  of  a  federal  computer 
system;  or00  v  amimu: 

-compliance  would  cause  a  major 
adverse  financial  impact  on  the 
operator  which  is  not  offset  by 
govemmentwide  savings. 

Agency  heads  may  act  upon  a 
written  waiver  request  containing 
the  information  detailed  above. 
Agency  heads  may  also  act  with¬ 
out  a  writteh  waiter  reddest 

n  •  if  vf  ■* 

when  they  determine  that  edridi- 
tions  for  meeting  the  standard 
cannot  be  met.  Agency  heads 
may  approve  waivers  only  by  a 
written  decision  which  explains 
the  basis  on  which  the  agency 
head  made  the  required  find- 
ing(s).  A  copy  of  each  such  deci-  ■ 
sion;  with  procurement-sensitive 
or  classified  portions  clearly  iden¬ 
tified,  shall  be  sent  to: 

National  Institute  of  Standards 
and  Technology 

Attention:  FIPS  Waiver  Decisions 
Technology  Building,  Room  B-154 
.Gaithersburg,  MD  20899 
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In  addition,  notice  of  each 
waiver  granted  and  each  delega¬ 
tion  of  authority  shall  be  sent' J 
promptly  to  the  Committee  on 
Government  Operations  of  the 
House  of  Representatives  and  the 
Committee  on  Governmental  Af¬ 
fairs  of  the  Senate  and  shall  be 
published  promptly  in  the  Fed¬ 
eral  Register. 

When  the  determination  ori  a 
waiver  applies  to  the  procure¬ 
ment  of  equipment  and/or  ser¬ 
vices,  a  notice  of  the  waiver 
determination  must  be  published 
in  the  Commerce  Business  Daily 
as  a  part  of  the  notice  ,pf  solicita¬ 
tion  for  offers  of  an  acquisition 
or,  if  the  waiver  determination  is 
made  after  that  notice  is  pub¬ 
lished,  by  amendment  to  such  no¬ 
tice. 

A  copy  of  the  waiver,  any  sup¬ 
porting  documents,  the  docu¬ 
ment  approving  the  waiver  and 
any  supporting  or  accompanying 
documents,  with  such  deletions 
as  the  agency  is  authorized  and 
decides  to  make  under  5  U.S.C. 
Section  552(b),  shall  be  part  of 
the  procurement  documentation 
and  retained  by  the1  agency. 

Endorsement  of  DBS 
Products 

DES  products  for:  use  in  telecom¬ 
munications  equipment  and  sys¬ 
tems  are  no  longer  being 
endorsed  by  NSA  for  confor¬ 
mance  to  FIPS  140,  General  Secu¬ 
rity  Requirements  for  Equipment 
Using  the  Data  Encryption  Stan¬ 
dard,  (formerly  Federal  Standard  i . 
1027),  Federal  agencies  may  pur¬ 
chase  FIPS  140  products  that 
have  not  been  validated  under 
the  NSA  endorsement  program 

without  processing  a  waiver.  To 
,  ■'  f  .  '  1  . 

do  so,  agencies  must  require  wnt- 

ten  affirmation  from  vendors  that 
their  products  are  in  confor¬ 


mance  with  the  provisions  of  the 
current  standard. 

Also,  NIST  has  notified  the  heads 
of  federal  departments  that  they 
may  wish  to  consider  waiving  cer¬ 
tain  requirements  of  FIPS  140  in 
order  to  buy  equipment  which 
may  not  meet  all.  of  the  criteria  in 
the  standard.  This  action  will  en¬ 
able  agencies  to  procure  cost-ef¬ 
fective  equipment  that  meets 
their  needs,  but  has  not  been  en¬ 
dorsed  by  NSA. 

FIPS  140  is  currently  under  revi¬ 
sion  to  be  reissued  as  FIPS  140-1. 
All  issues  contained  within  the 
scope  of  the  original  standard  are 
being  readdressed.  NIST  is  also 
examining  various  methods  for 
conducting  conformance  testing 
against  the  requirements  of  FIPS 
140-1. 

DES  Cryptographic  Keys 

U.S.  government  users  of  DES 
products  which  have  been  en¬ 
dorsed  by  NSA  under  Federal 
Standard  1027  may  obtain  DES 
cryptographic  keys  for  these 
products  from  NSA  upon  request 
at  no  cost.  (Note  that  NSA  is  no 
longer  endorsing  products  under 
Federal  Standard  1027.)  Contact 
your  responsible  Communica¬ 
tions  Security  (COMSEC)  officer 
for  further  information. 

Alternatively,  users  of  DES,  in¬ 
cluding  federal  organizations, 
may  generate  their  own  crypto¬ 
graphic  keys.  DES  keys  must  be 
properly  generated  and  managed 
in  order  to  assure  a  high  level  of 
protection  to  computer  data. 

Key  Management  includes  genera¬ 
tion,  distribution,  storage,  and  de¬ 
struction  of  cryptographic  keys. 
Information  on  this  subject  may 
be  obtained  from  the  following 
documents:  FIPS  74,  FIPS  140-1 
(future),  and  ANSI  X9.17.  (See  ref¬ 
erence  list  for  availability  of  the 
documents.) 


Exportability  of  DES 
Devices  and  Software 
Products 

Hardware-  and  software-based 
implementations  of  DES  are  sub¬ 
ject  to  federal  export  controls  as 
specified  in  Title  22,  Code  of  Fed¬ 
eral  Regulations  (CFR),  Parts  120  - 
128,  the  International  Traffic  in 
Arms  Regulations  (ITAR).  Spe¬ 
cific  information  regarding  export 
applications,  application  proce¬ 
dures,  types  of  iicenses,  and  nec¬ 
essary  forms  may  be  found  in  the 
CFR.  Responsibility  for  granting 
export  licenses  (except  for  those 
DES  implementations  noted 
below)  rests  with: 

Office  of  Munitions  Control 
Bureau  of  Politico-Military  Affairs 
U.S.  Department  of  State 
Washington,  DC,  20250 
Telephone:  (202)  875-6650 

The  Office  of  Munitions  Control, 
U.S.  Department  of  State,  issues 
either  individual  or  distribution  li¬ 
censes.  Under  a  distribution  li¬ 
cense,  annual  reports  must  be 
submitted  by  the  distributor  de¬ 
scribing  to  whom  the  licensed 
products  have  been  sold.  Li¬ 
cense  requests  for  products  to  be 
shipped  to  certain  prohibited 
countries  (see  Section  126.1  of 
the  ITAR)  are  denied  for  foreign 
policy  reasons  by  the  Depart¬ 
ment  of  State. 

Licenses  are  normally  granted  if 
the  end  users  are  either  financial 
institutions  or  American  subsidiar¬ 
ies  abroad.  In  general,  either  in¬ 
dividual  or  distribution  licenses 
may  be  used  for  financial  institu¬ 
tions  while  only  individual  li¬ 
censes  may  be  used  for 
subsidiaries  of  U.S.  corporations. 

Specific  Cryptographic  Implemen¬ 

tations  under  jurisdiction  of  the 
Department  of  Commerce 
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The  Bureau  of  Export  Administra¬ 
tion,  U.S.  Department  of  Com¬ 
merce,  is  responsible  for  the 
granting  of  export  licenses  for 
the  following  categories  of  crypto¬ 
graphic  products  (including  DES): 

Authentication  Software  or  hard¬ 
ware  which  calculates  a  Message 
Authentication  Code  (MAC)  or 
similar  result  to  assure  no  alter¬ 
ation  of  text  has  taken  place,  or 
to  authenticate  users,  but  does 
not  allow  for  encryption  of  data, 
text,  or  other  media  other  than 
that  needed  for  the  authentica¬ 
tion. 

Access  Control.  Software  or  hard¬ 
ware  which  protects  passwords 
or  Personal  Identification  Num¬ 
bers  (PIN)  or  similar  data  to  pre¬ 
vent  unauthorized  access  to 
computing  facilities,  but  does  not 
allow  for  encryption  of  files  or 
text,  except  as  directly  related  to 
password  or  PIN  protection. 

Proprietary  Software  Protection. 
Decryption-only  routines  for  en¬ 
crypted  proprietary  software, 
fonts,  or  other  computer-related 
proprietary  information  for  the 
purpose  of  maintaining  vendor 
control  over  said  information 
when  such  decryption  routines 
are  not  accessible  to  users  of  said 
software,  font,  or  other  informa¬ 
tion,  and  cannot  be  used  for  any 
other  purpose. 

Automatic  Teller  Devices.  De¬ 
vices  limited  to  the  issuance  of 
cash  or  traveler’s  checks,  accep¬ 
tance  of  deposits,  or  account  bal¬ 
ance  reporting. 

Vendors  of  products  in  the  above 
four  categories  should  contact 
the  following  for  a  product  classi¬ 
fication  determination: 


Bureau  of  Export  Administration 
U.S.  Department  of  Commerce 
P.O.  Box  273 
Washington,  DC  20044 
Telephone:  (202)  377-0708 

Following  this  determination,  the 
vendor  will  be  informed  whether 
an  export  license  from  the  U.S. 
Department  of  Commerce  is  nec¬ 
essary,  The  Bureau  of  Export  Ad¬ 
ministration  will  provide  vendors 
with  license  procedures  and  fur¬ 
ther  information  as  appropriate. 

Please  note  that  vendors  whose 
products  do  not  fall  clearly  into 
the  above  categories  should  fol¬ 
low  procedures  set  forth  in  the 
ITAR,  22  CFR  120-130. 

Validation  of  Devices  for 
Compliance  with  FIPS  46 
and  113 

NIST  performs  validations  of 
products  for  compliance  with 
FIPS  46  and  113.  For  further  in¬ 
formation  about  submitting  prod¬ 
ucts  for  validation  or  to  obtain  a 
list  of  devices  validated  under  ei¬ 
ther  standard,  please  contact: 

Manager,  Security  Technology 
Group 

Computer  Security  Division 
National  Computer  Systems 
Laboratory 

Building  225,  Room  A216 
National  Institute  of  Standards 
and  Technology 
Gaithersburg,  MD  20899 
Telephone  (301)  975-2920 

Reference  Documents 

NIST  has  issued  FIPS  and  other 
publications  regarding  DES,  its 
implementation,  and  modes  of 
operation. 

FIPS  46-1,  Data  Encryption 
Standard 

This  standard  provides  the  techni¬ 
cal  specifications  for  DES. 


FTPS  74,  Guidelines  for  Imple¬ 
menting  and  Using  the  NBS 
Data  Encryption  Standard 

This  guideline  on  DES  discusses 
how  and  when  data  encryption 
should  be  used,  various  encryp¬ 
tion  methods,  the  reduction  of  se¬ 
curity  threats,  implementation  of 
DES,  and  key  management. 

FIPS  81,  DES  Modes  of  Opera¬ 
tion 

FIPS  81  defines  four  modes  of  op¬ 
eration  for  DES  which  may  be 
used  in  a  wide  variety  of  applica¬ 
tions.  The  modes  specify  how 
data  will  be  encrypted  and  de¬ 
crypted.  The  four  modes  are: 

(1)  Electronic  Codebook  (ECB), 

(2)  Cipher  Block  Chaining  (CBC), 

(3)  Cipher  Feedback  (CFB),  and 

(4)  Output  Feedback  (OFB). 

FIPS  113,  Computer  Data  Au¬ 
thentication 

This  standard  specifies  a  Data  Au¬ 
thentication  Algorithm,  based 
upon  DES,  which  may  be  used  to 
detect  unauthorized  modifica¬ 
tions,  both  intentional  and  acci¬ 
dental,  to  data.  The  Message 
Authentication  Code  as  specified 
in  ANSI  X9-9  is  computed  in  the 
same  manner  as  the  Data  Authen¬ 
tication  Code  as  specified  in  this 
standard. 

FIPS  139,  Interoperability  and 
Security  Requirements  for 
Use  of  the  Data  Encryption 
Standard  in  the  Physical 
Layer  of  Data  Communica¬ 
tions 

This  standard  specifies  inter¬ 
operability  and  security-related  re¬ 
quirements  for  using  encryption 
at  the  Physical  Layer  of  the  ISO 
Open  Systems  Interconnection 
(OSI)  Reference  Model  in  tele¬ 
communications  systems  convey¬ 
ing  digital  information.  FIPS  139 
was  previously  issued  by  the 
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General  Services  Administration 

as  Federal  Standard  1026'. 

v  *  •  r 

FIPS  140,  General  SecurityRe- 
quirements  for  Equipment 


Using  the  Data  Encryption 
Standard 


i"!  •; 

This  document  establishes  the  ; 
physical  and  logical  security  re¬ 
quirements  for  the  design  and 


manufacture  of  DES  equipment. 
FIPS  140  wa^  previously  issued 
by  the  General  Services  Adminis¬ 
tration  as  Federal  Standard  1027. 


FBPS  141,  Interoperability  and 
Security  Requirements  for 
Use  of  the  Data  Encryption 
Standard  With  CCITT  Group  3 
Facsimile  Equipment  ^ 

This  document  specifies  inter¬ 
operability  and  security  related  re¬ 
quirements  for  use  of  encryption 
with  the  International  Telegraph 
and  Telephone  Consultative  Com¬ 
mittee  (CCITT),  Group  3-type  fac¬ 
simile  equipment!  ‘  l.rs  .< 

NBS  Special  Publication  500- 
20,  Validating  the  Correctness 
of  Hardware  Implementa¬ 
tions  of  the  NBS  Data  Encryp¬ 
tion  Standard 

This  publication  describes  the  de¬ 
sign  and  operation  of  the.  testbed 
that  is  used  for.  the  .validation  of 
hardware  implementations  of 
DES.  A  particular  implementa¬ 
tion  is  verified’if  it  correctly  per- 

-  *«>'.  Vjn  W/-  “ 

forms  a  set  of  291  test  cases  that 

•  'Vf •-  VliV-  a  O  ; 

have  been  defined  to  exercise 
every  basic  element  of  the  algo- 
nthm. 

NBS  Special  Publication  500- 
27,  Computer  Security  and 
the  Data  Encryption  Standard 


This  publication  contains  the  pro¬ 
ceedings  of  the  Conference  on 
Computer  Security  and  the  Data 
Encryption  Standard  held  at  the 
National  Bureau  of  Standards  on 
February  15,  1977.  Subjects  of 
the  papers  and  presentations  in¬ 


clude  physical  security,  risk  as¬ 
sessment,  software  security,  com¬ 
puter  network  security, 
applications  and  implementation 
of  the  Data  Encryption  Standard. 

NBS  Special  Publication  500- 
54,  A  Key  Notarization  Sys¬ 
tem  for  Computer  Networks 

This  document  describes  a  sys¬ 
tem  for  key  notarization,  which 
can  be  used  with  an  encryption 
device,  to  improve  data  security 
in  compute^  networks.  The  key 
notarization  system  can  be  used 
to  communicate  securely  be¬ 
tween  two  users,  communicate 
via  encrypted  mail,  protect  per¬ 
sonal  files,  and  provide  a  digital 
signature  capability. 

NBS  Special  Publication  500-  ** 

61,  Maintenance  Testing  for 
the  Data  Encryption  Standard 

This  special  publication  describes 
the  design  of  four  maintenance 
tests  for  the  Data  Encryption  Stan¬ 
dard.  The  tests  consist  of  an  iter- 
ative  procedure  that  tests  the 
operation  of  DES  devices  using  a 
small  program  and  minimal  data. 
The  tests  are  defined  as  four  spe¬ 
cific  stopping  points  in  a  general 
testing  process  and  satisfy  four 
testing  requirements  of  increasing 
degree  of  completeness  depend¬ 
ing  on  the  thoroughness  of  test¬ 
ing  desired. 

NBS  Special  Publication  500- 
156,  Message  Authentication 
Code  ( MAC )  Validation  Sys¬ 
tem:  Requirements  and  Proce¬ 
dures 

This  special  publication  describes 
a  Message  Authentication  Code 
(MAC)  Validation  System  (MVS) 
to  test  message  authentication  de¬ 
vices  for  conformance  to  two 
data  authentication  standards:  r  • 
FIPS  113  and  ANSI  X9-9-1986,  Fi¬ 
nancial  Institution  Message  Au¬ 
thentication  (Wholesale).  The 


MVS  is  designed  to  perform  auto¬ 
mated  testing  on  message  authen¬ 
tication  devices  which  are  remote 
to  NIST.  This  publication  pro¬ 
vides  brief  overviews  of  the  two 
data  authentication  standards  and 
introduces  the  basic  design  and 
configuration  of  the  MVS.  The  re¬ 
quirements  and  administrative 7  — 
procedures  tc  be  followed  by 
those  seeking  formal  NIST  valida¬ 
tion  of  a  message  authenticatibn 
device  are  presented.  •  ‘ 


Copies  of  these  publications  are 
for  sale  by  the  National  Technical 
Information  Service,  at: 


National  Technical  Information 
Service 

i  r-.i 1 

U.S.  Department  of  Commerce 
5285  Port  Royal  Road 
Springfield,  VA  22l6l  (  ^ 

Telephone  (703)  487-4650, 

FTS:  737-4650 


Other  Documents 

DES  has  been  incorporated  into  a 
number  of  other  standards;  in-/ 
eluding:  /  . 

"American  national  standard  for  fi¬ 
nancial  institution  key  manage¬ 
ment  (wholesale),"  ANSI 
X9.17-1985,  American  Bankers  As¬ 
sociation,  10  Jay  Gould  Ct' 
Waldorf,  MD  20602. 

! 

"American  national  standard  for  fi- 1 
nancial  institution  message  au¬ 
thentication,"  ANSI  X9.9-1986 
(Revised),  American  Bankers  As¬ 
sociation,  10  Jay  Gould  Ct., 
Waldorf,  MD  20602. 

"American  national  standard  for  fi¬ 
nancial  message  encryption," 

ANSI  X9. 23-1988,  American  Bank¬ 
ers  Association,  10  Jay  Gould  Ct., 
Waldorf,  MD  20602. 

"American  national  standard  for 
information  systems  -  Data  en¬ 
cryption  algorithm  -  Modes  of  op¬ 
eration,"  ANSI  X3. 106-1983, 
American  National  Standards  Insti- 
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Related  Documents 


tute,  1430  Broadway,  New  York, 
NY  20018. 

"American  national  standard  for 
information  systems  -  Data  link 
encryption,"  ANSI  X3. 105-1983, 
American  National  Standards  Insti¬ 
tute,  1430  Broadway,  New  York, 
NY  20018 

"American  national  standard  for 
personal  identification  number 
(PIN)  Management  and  Security," 
ANSI  X9.8-1982,  American  Bank¬ 
ers  Association,  10  Jay  Gould  Ct., 
Waldorf,  MD  20602. 

"American  national  standard  for 
retail  message  authentication," 
ANSI  X9. 19-1985,  American  Bank¬ 
ers  Association,  10  Jay  Gould  Ct., 
Waldorf,  MD  20602. 

"Banking  -  Key  management 
(wholesale),"  IS  8732,  Association 


for  Payment  Clearing  Services, 
London,  England,  Dec.  1987. 

"Banking  -  Requirements  for  mes¬ 
sage  authentication  (wholesale)," 
IS  8730,  Association  for  Payment 
Clearing  Services,  London, 
England,  July  1987. 

"Data  encryption  algorithm," 

ANSI  X3.92-1981,  American  Na¬ 
tional  Standards  Institute,  1430 
Broadway,  New  York,  NY  20018. 

"Draft  American  national  stan¬ 
dard  for  financial  institution  sign- 
on  authentication  for  wholesale 
financial  systems:  Secure  trans¬ 
mission  of  personal  authenticat¬ 
ing  information  and  node 
authentication,"  ANSI  X9-26-199_, 
American  Bankers  Association, 

10  Jay  Gould  Ct.,  Waldorf,  MD 
20602. 


"The  Data  Encryption  Standard: 
Past  and  Future,"  Smid  and 
Branstad,  Proceedings  of  the 
IEEE,  Vol.  76,  No.  5,  May  1988. 

NIST’s  Computer  Security 
Program 

For  further  information  regarding 
other  aspects  of  NIST’s  computer 
security  program,  including 
NIST’s  federal  agency  assistance 
program,  please  contact: 


Computer  Security  Division 
National  Computer  Systems 
Laboratory 

Building  225,  Room  A216 
National  Institute  of  Standards 
and  Technology 
Gaithersburg,  MD  20899 
Telephone  (301)  975-2934 
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